diff options
Diffstat (limited to 'security')
31 files changed, 791 insertions, 1974 deletions
diff --git a/security/Kconfig b/security/Kconfig index fb363cd81cf6..226b9556b25f 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
| @@ -91,28 +91,6 @@ config SECURITY_PATH | |||
| 91 | implement pathname based access controls. | 91 | implement pathname based access controls. |
| 92 | If you are unsure how to answer this question, answer N. | 92 | If you are unsure how to answer this question, answer N. |
| 93 | 93 | ||
| 94 | config SECURITY_FILE_CAPABILITIES | ||
| 95 | bool "File POSIX Capabilities" | ||
| 96 | default n | ||
| 97 | help | ||
| 98 | This enables filesystem capabilities, allowing you to give | ||
| 99 | binaries a subset of root's powers without using setuid 0. | ||
| 100 | |||
| 101 | If in doubt, answer N. | ||
| 102 | |||
| 103 | config SECURITY_ROOTPLUG | ||
| 104 | bool "Root Plug Support" | ||
| 105 | depends on USB=y && SECURITY | ||
| 106 | help | ||
| 107 | This is a sample LSM module that should only be used as such. | ||
| 108 | It prevents any programs running with egid == 0 if a specific | ||
| 109 | USB device is not present in the system. | ||
| 110 | |||
| 111 | See <http://www.linuxjournal.com/article.php?sid=6279> for | ||
| 112 | more information about this module. | ||
| 113 | |||
| 114 | If you are unsure how to answer this question, answer N. | ||
| 115 | |||
| 116 | config INTEL_TXT | 94 | config INTEL_TXT |
| 117 | bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" | 95 | bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" |
| 118 | depends on HAVE_INTEL_TXT | 96 | depends on HAVE_INTEL_TXT |
| @@ -165,5 +143,37 @@ source security/tomoyo/Kconfig | |||
| 165 | 143 | ||
| 166 | source security/integrity/ima/Kconfig | 144 | source security/integrity/ima/Kconfig |
| 167 | 145 | ||
| 146 | choice | ||
| 147 | prompt "Default security module" | ||
| 148 | default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX | ||
| 149 | default DEFAULT_SECURITY_SMACK if SECURITY_SMACK | ||
| 150 | default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO | ||
| 151 | default DEFAULT_SECURITY_DAC | ||
| 152 | |||
| 153 | help | ||
| 154 | Select the security module that will be used by default if the | ||
| 155 | kernel parameter security= is not specified. | ||
| 156 | |||
| 157 | config DEFAULT_SECURITY_SELINUX | ||
| 158 | bool "SELinux" if SECURITY_SELINUX=y | ||
| 159 | |||
| 160 | config DEFAULT_SECURITY_SMACK | ||
| 161 | bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y | ||
| 162 | |||
| 163 | config DEFAULT_SECURITY_TOMOYO | ||
| 164 | bool "TOMOYO" if SECURITY_TOMOYO=y | ||
| 165 | |||
| 166 | config DEFAULT_SECURITY_DAC | ||
| 167 | bool "Unix Discretionary Access Controls" | ||
| 168 | |||
| 169 | endchoice | ||
| 170 | |||
| 171 | config DEFAULT_SECURITY | ||
| 172 | string | ||
| 173 | default "selinux" if DEFAULT_SECURITY_SELINUX | ||
| 174 | default "smack" if DEFAULT_SECURITY_SMACK | ||
| 175 | default "tomoyo" if DEFAULT_SECURITY_TOMOYO | ||
| 176 | default "" if DEFAULT_SECURITY_DAC | ||
| 177 | |||
| 168 | endmenu | 178 | endmenu |
| 169 | 179 | ||
diff --git a/security/Makefile b/security/Makefile index 95ecc06392d7..bb44e350c618 100644 --- a/security/Makefile +++ b/security/Makefile | |||
| @@ -18,7 +18,6 @@ obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o | |||
| 18 | obj-$(CONFIG_SECURITY_SMACK) += smack/built-in.o | 18 | obj-$(CONFIG_SECURITY_SMACK) += smack/built-in.o |
| 19 | obj-$(CONFIG_AUDIT) += lsm_audit.o | 19 | obj-$(CONFIG_AUDIT) += lsm_audit.o |
| 20 | obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/built-in.o | 20 | obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/built-in.o |
| 21 | obj-$(CONFIG_SECURITY_ROOTPLUG) += root_plug.o | ||
| 22 | obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o | 21 | obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o |
| 23 | 22 | ||
| 24 | # Object integrity file lists | 23 | # Object integrity file lists |
diff --git a/security/capability.c b/security/capability.c index fce07a7bc825..5c700e1a4fd3 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -308,6 +308,22 @@ static int cap_path_truncate(struct path *path, loff_t length, | |||
| 308 | { | 308 | { |
| 309 | return 0; | 309 | return 0; |
| 310 | } | 310 | } |
| 311 | |||
| 312 | static int cap_path_chmod(struct dentry *dentry, struct vfsmount *mnt, | ||
| 313 | mode_t mode) | ||
| 314 | { | ||
| 315 | return 0; | ||
| 316 | } | ||
| 317 | |||
| 318 | static int cap_path_chown(struct path *path, uid_t uid, gid_t gid) | ||
| 319 | { | ||
| 320 | return 0; | ||
| 321 | } | ||
| 322 | |||
| 323 | static int cap_path_chroot(struct path *root) | ||
| 324 | { | ||
| 325 | return 0; | ||
| 326 | } | ||
| 311 | #endif | 327 | #endif |
| 312 | 328 | ||
| 313 | static int cap_file_permission(struct file *file, int mask) | 329 | static int cap_file_permission(struct file *file, int mask) |
| @@ -405,7 +421,7 @@ static int cap_kernel_create_files_as(struct cred *new, struct inode *inode) | |||
| 405 | return 0; | 421 | return 0; |
| 406 | } | 422 | } |
| 407 | 423 | ||
| 408 | static int cap_kernel_module_request(void) | 424 | static int cap_kernel_module_request(char *kmod_name) |
| 409 | { | 425 | { |
| 410 | return 0; | 426 | return 0; |
| 411 | } | 427 | } |
| @@ -977,6 +993,9 @@ void security_fixup_ops(struct security_operations *ops) | |||
| 977 | set_to_cap_if_null(ops, path_link); | 993 | set_to_cap_if_null(ops, path_link); |
| 978 | set_to_cap_if_null(ops, path_rename); | 994 | set_to_cap_if_null(ops, path_rename); |
| 979 | set_to_cap_if_null(ops, path_truncate); | 995 | set_to_cap_if_null(ops, path_truncate); |
| 996 | set_to_cap_if_null(ops, path_chmod); | ||
| 997 | set_to_cap_if_null(ops, path_chown); | ||
| 998 | set_to_cap_if_null(ops, path_chroot); | ||
| 980 | #endif | 999 | #endif |
| 981 | set_to_cap_if_null(ops, file_permission); | 1000 | set_to_cap_if_null(ops, file_permission); |
| 982 | set_to_cap_if_null(ops, file_alloc_security); | 1001 | set_to_cap_if_null(ops, file_alloc_security); |
diff --git a/security/commoncap.c b/security/commoncap.c index fe30751a6cd9..f800fdb3de94 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* Common capabilities, needed by capability.o and root_plug.o | 1 | /* Common capabilities, needed by capability.o. |
| 2 | * | 2 | * |
| 3 | * This program is free software; you can redistribute it and/or modify | 3 | * This program is free software; you can redistribute it and/or modify |
| 4 | * it under the terms of the GNU General Public License as published by | 4 | * it under the terms of the GNU General Public License as published by |
| @@ -173,7 +173,6 @@ int cap_capget(struct task_struct *target, kernel_cap_t *effective, | |||
| 173 | */ | 173 | */ |
| 174 | static inline int cap_inh_is_capped(void) | 174 | static inline int cap_inh_is_capped(void) |
| 175 | { | 175 | { |
| 176 | #ifdef CONFIG_SECURITY_FILE_CAPABILITIES | ||
| 177 | 176 | ||
| 178 | /* they are so limited unless the current task has the CAP_SETPCAP | 177 | /* they are so limited unless the current task has the CAP_SETPCAP |
| 179 | * capability | 178 | * capability |
| @@ -181,7 +180,6 @@ static inline int cap_inh_is_capped(void) | |||
| 181 | if (cap_capable(current, current_cred(), CAP_SETPCAP, | 180 | if (cap_capable(current, current_cred(), CAP_SETPCAP, |
